cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
173172f62e
openbsd-ports/textproc/xpdf/patches/patch-xpdf_Catalog_cc
ckuethe 3b5bcac916 Update to xpdf 3.0.2, from Stuart Henderson and Brad Smith 
Includes some security fixes

ok pvalchev, todd
2007-03-30 04:09:42 +00:00

32 lines
1.3 KiB
Plaintext
Raw Blame History

$OpenBSD: patch-xpdf_Catalog_cc,v 1.3 2007/03/30 04:09:42 ckuethe Exp $
--- xpdf/Catalog.cc.orig Tue Feb 27 22:05:52 2007
+++ xpdf/Catalog.cc Fri Mar 30 00:31:19 2007
@@ -65,6 +65,15 @@ Catalog::Catalog(XRef *xrefA) {
}
pagesSize = numPages0 = (int)obj.getNum();
obj.free();
+ // The gcc doesnt optimize this away, so this check is ok,
+ // even if it looks like a pagesSize != pagesSize check
+ if (pagesSize*sizeof(Page *)/sizeof(Page *) != pagesSize ||
+ pagesSize*sizeof(Ref)/sizeof(Ref) != pagesSize) {
+ error(-1, "Invalid 'pagesSize'");
+ ok = gFalse;
+ return;
+ }
+
pages = (Page **)gmallocn(pagesSize, sizeof(Page *));
pageRefs = (Ref *)gmallocn(pagesSize, sizeof(Ref));
for (i = 0; i < pagesSize; ++i) {
@@ -217,6 +226,11 @@ int Catalog::readPageTree(Dict *pagesDict, PageAttrs *
}
if (start >= pagesSize) {
pagesSize += 32;
+ if (pagesSize*sizeof(Page *)/sizeof(Page *) != pagesSize ||
+ pagesSize*sizeof(Ref)/sizeof(Ref) != pagesSize) {
+ error(-1, "Invalid 'pagesSize' parameter.");
+ goto err3;
+ }
pages = (Page **)greallocn(pages, pagesSize, sizeof(Page *));
pageRefs = (Ref *)greallocn(pageRefs, pagesSize, sizeof(Ref));
for (j = pagesSize - 32; j < pagesSize; ++j) {
Reference in New Issue View Git Blame Copy Permalink